Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

iTunes < 9.1 Multiple Vulnerabilities

High

Synopsis

The remote host contains an application that is vulnerable to multiple attack vectors.

Description

The remote version of iTunes is older than 9.1. Such versions may be affected by multiple vulnerabilities :

- A buffer underflow in ImageIO's handling of TIFF images may lead to an application crash or arbitrary code execution. (CVE-2009-2285)

- An integer overflow in the application's handling of images with an embedded color profile may lead to an application crash or arbitrary code execution. (CVE-2010-0040)

- An uninitialized memory access issue in ImageIO's handling of BMP images may result in sending data from Safari's memory to a website under an attacker's control. (CVE-2010-0041)

- An uninitialized memory access issue in ImageIO's handling of TIFF images may result in sending data from Safari's memory to a website under an attacker's control. (CVE-2010-0042)

- A memory corruption issue in the application's handling of TIFF images may lead to an application crash or arbitrary code execution. (CVE-2010-0043)

- An infinite loop in the application's handling of imported MP4 podcast files may lead to an application crash and prevent subsequent operation. (CVE-2010-0531)

- A race condition during the installation process may allow a local user modify a file that is then executed with SYSTEM privileges. (CVE-2010-0532)

- A path searching issue may allow code execution if an attacker can place a specially crafted DLL in a directory and have a user open anothe file using iTunes in that directory. (CVE-2010-1795)

- Syncing a mobile device may allow a local user to gain the priviliges of the console user due to an insecure file operation in the handling of log files. (CVE-2010-1768)

Solution

Upgrade to iTunes 9.1 or later.